Azure AD Connect Video Training Series

Azure AD Connect Video Training Series

Try before you buy! Get a taste of what you’ll learn – watch free video excerpts from some of the courses now!

Great! I finished all the courses in the series. Lots of in-depth details, well presented and explained. Easy to follow. Thanks!

Sylvan, CEO, Switzerland

Prices for 12-month individual subscription

Any single course £166 / $199 / €190
Any two courses £250 / $299 / €287
All courses £334 / $399 / €384

plus VAT if applicable

View it, then do it!

Learn what you need to know about Azure AD Connect in our video training.

Courses in our comprehensive and highly practical Azure AD Connect video training series teach and demo everything from installation to configuration and all-important troubleshooting, giving you “how-to” knowledge as and when you need it. And, unlike free information on the internet, our courses are regularly updated. See information about latest updates and recommendations.

Hugh Simpson-Wells, OCT’s CEO says:

The 7 courses in this flexible and highly practical Azure AD Connect Video Training Series will equip you with the in-depth knowledge you need, when you need to know it.

An individual subscription gives one person access 24/7 for 365 days to the knowledge needed to install, modify and upgrade Azure AD Connect environments, or troubleshoot problems, with confidence. Interested in a multi-user licence? Please contact us for pricing information.


Diving deep beyond the wizard, the videos are demo-heavy. You can run these alongside what you are doing in your real system, pausing, rewinding and replaying as necessary.

You can subscribe for a year to all seven courses in the series, or just a single course, giving you an invaluable reference about a technology that is now a key part of a hybrid AD infrastructure.

Our comprehensive and flexible series of video training courses will equip you to make the most of Azure AD Connect and achieve the optimal configuration for your organization even in complex environments. They will enable you to provide consistent, secure and user-friendly authentication, and consistent authorization across on-premises and cloud applications through automated and reliable group management. They will also enable you to minimizing the strain on your administrators and helpdesk staff.

What the videos cover

The videos cover both the ‘easy’ things (installation and configuration using the wizard) as well as ‘harder’ things, like how provisioning and deprovisioning works, and the disaster recovery options. It has realistic demonstrations enabling you to get a proper understanding of its capabilities in real-world scenarios.

See the outline tab (above) to discover the precise content of each video.

The content is based on our Azure AD Connect Masterclass which was written by an expert team including Andreas Kjellman (formerly MIM and Azure AD Connect Program Manager for Microsoft), and is the only comprehensive, structured training course for this vital and complex technology. By subscribing to all the video courses, you could work through them all covering much the same ground as our Azure AD Connect Masterclass. Alternatively you can simply access an area of interest as and when you need that knowledge.

Who is the Azure AD Connect Video Training Series for?

The Azure AD Connect Video Training Series is for architects and administrators who are responsible for connecting their on-premises Active Directory with an Azure Active Directory tenant, and who want to:

  • Learn about some specific aspect of Azure AD Connect
  • Learn how to configure and maintain it, and which configurations are supported
  • Gain a holistic perspective on Azure AD Connect implementation, configuration, security, high availability, troubleshooting, and/or disaster recovery scenarios
  • Understand what Azure AD Connect can do beyond its ‘out-of-the-box’ form and investigate its many additional capabilities

What courses are available in the Azure AD Connect Video Training Series?

Our Azure AD Connect Video Training Series includes seven individual courses: Foundations | Synchronization concepts | Comparison with MIM (free with all subscriptions) | Custom scenarios | Synchronization rules | Authentication | Additional (but essential) topics.

(See the “Outline” tab above for detailed information about each course.)

Hugh Simpson-Wells, our CEO and course instructor, explains how the Azure AD Connect Video Training Series works in this video:

You can purchase one, two or all courses – and you’ll get 24×7 access to each for a year. Each course has a number of videos, which are divided by chapter markers, so that you can quickly find topics of interest. Videos are a mixture of presentation and demonstration – and courses are usually followed by a revision quiz.

If you find you do want to try out a lab environment of your own, or you need one-to-one help, these can be bought as bolt-on extras.

Inevitably, some topics are dependent on others. While we have tried to make each video self-contained, there will be occasions when it might be hard to fully understand one without having seen another. For this reason we have made the whole series available for just £334 / $399 / €384.

Training outcomes

If you watch all the videos you’ll understand:

  • Everything you can do through the wizard, and much more
  • Different authentication options – how you move from one to the other, and how they interact
  • Azure AD Connect architecture and configuration, understanding and editing rules, and handling errors
  • Scheduling, statistics, basic troubleshooting, high availability, and Azure AD Connect health
  • Managing Azure AD Connect with PowerShell
  • Precedence, provisioning/deprovisioning, joining rules, and transformations
  • Upgrading, backup, restore and recovery options
  • Multi-forest, multi-tenant and non-AD directory scenarios
  • Integrating cloud-based HR systems
  • What’s supported and what’s not

Of course, you can just choose areas of interest.

Information you can trust

This course re-presents material generated by Andreas Kjellman (formerly MIM and Azure AD Connect Program Manager for Microsoft), Hugh Simpson-Wells (Founder and CEO, Oxford Computer Group and Oxford Computer Training), Jimmy Andersson (MVP Enterprise Mobility) and James Cowling (CTO, Oxford Computer Group and Oxford Computer Training) for the creation of the Azure AD Connect Masterclass.

Andreas Kjellman – Hugh Simpson-Wells – Jimmy Andersson – James Cowling

There are seven courses in the series, each split into a number of videos, further divided by chapter markers, so that you can quickly find topics of interest.

Course #1: Foundations (143 minutes)

Two videos: General concepts (63 minutes) | Express installation (40 minutes)

  • Active Directory (AD), its structure, administration and additional components
  • Azure AD structure and administration
  • Azure AD customer journeys and editions
  • Tenants, directories, subscriptions and domains
  • Azure AD production and test tenants
  • Hybrid environments and the requirements of users
  • The role of Azure AD Connect for managing users, groups and devices
  • Azure AD Connect installation pre-requisites (including data clean-up) and express installation
  • Demonstration including the Azure Portal, the Office 365 Admin Portal, and express installation of Azure AD Connect

Course #2: Synchronization concepts (142 minutes)

Four videos: Identity sources and synchronization (28 minutes) | Anchor attributes (13 minutes) | The synchronization engine (33 minutes) | The synchronization service manager (68 minutes)

  • Sources and types of user, group and device identity objects
  • Types and sources of attributes
  • Typical Azure AD Connect synchronization scenarios
  • Transformations and precedence
  • Anchor attributes, what they do, why they are important, choosing them and changing them
  • MS-DS-ConsistencyGUID, AlternateID and UPN
  • The Azure AD Connect synchronization engine, connector space and metaverse
  • Run steps, run profiles and run cycles
  • State-based design and its consequences
  • Properly disabling an account
  • Azure AD Connect synchronization flow, including multi-forest considerations
  • The Synchronization Service Manager, configuration, tools, connector properties, supported and unsupported actions
  • Connector space and metaverse objects – metaverse design
  • Options for running synchronization – statistics and errors
  • The Scheduler
  • Demonstration including the management and configuration of Azure AD Connect

Course #3: Comparison with MIM (28 minutes) – FREE with any subscription

One video: Comparing MIM and Azure AD Connect (28 minutes)

  • Relationship between Azure AD Connect and MIM
  • Historical overview of FIM/MIM
  • Comparison of the MIM and Azure AD Connect components
  • MIM and Azure AD Connect similarities
  • MIM and Azure AD Connect differences
  • MIM deprecated features
  • MIM things simply not present in Azure AD Connect

Course #4: Custom scenarios (126 minutes)

Three videos: Supported topologies (37 minutes) | Preparing for custom installation (31 minutes) | Custom installation (58 minutes)

  • Supported Azure AD Connect topologies: single forest with single tenant, multiple forests with single tenant, role of GALSync, multiple tenants, on-premises sync in a multi-forest org, Azure AD Connect write-back scenarios, cloud HR
  • Consolidating users, contacts and FSPs
  • Consolidating (merging) group memberships
  • Preparing for custom install
  • Uninstalling Azure AD Connect
  • Account ownership recovery (including an already established Azure AD tenant)
  • Azure AD Connect database, services, and health
  • Azure AD Connect custom installation, accounts and permissions, and required components
  • User sign-in options
  • Demonstration including custom installation of Azure AD Connect

Course #5: Synchronization rules (357 minutes) Watch free taster videos!

Five videos: Introducing synchronization rules (81 minutes) | Transformations (83 minutes) watch excerpt for free! | Object orchestration (76 minutes) watch excerpt for free! | Filtering (32 minutes) watch excerpt for free! | Default scenarios (85 minutes) watch excerpt for free!

  • Azure AD Connect sync rules: inbound and outbound synchronization, enable password configuration, scoping filter, transformations, precedence
  • The Azure AD Connect Synchronization Rules Editor and the processing pipeline
  • Using PowerShell with precedence
  • Transformation expressions, common functions, operators, attributes, literals, parameters, and common functions
  • Examples of out-of-the-box transformations
  • How the wizard can change flows
  • Validation and format for readability
  • Working with multi-value attributes
  • More transformations: ImportedValue, Update, replace and merge, and virtual attributes
  • Object orchestration: the Link Type property, provision, join, sticky join, deprovision and deletion
  • Reverse-join and disaster recovery
  • Three types of filtering (domain, OU, attribute & group)
  • The purpose and importance of the CloudFiltered attribute for controlling provisioning
  • Preview
  • Out-of-the-box scenarios
  • Default rules: users, contacts, foreign security principals (FSPs) and accounts
  • All the above are interspersed with demonstrations

Course #6: Authentication (200 minutes) See free taster videos!

Five videos: Overview (28 minutes) watch whole video for free! | Password hash synchronization (34 minutes) | Pass-through authentication (37 minutes) | Seamless single sign-on (36 minutes) | Device options (36 minutes) watch excerpt for free! | Other authentication options (30 minutes)

  • Supported authentication methods
  • Factors to consider when choosing an authentication method
  • Password hash synchronisation (PHS) features and disadvantages
  • Password hashing
  • PHS and on-premises password policies
  • Troubleshooting PHS
  • PHS demonstration
  • Pass-through authentication (PTA) features, and disadvantages
  • PTA components, sign-in process and security
  • PTA wizard installation and installing additional Authentication Agents
  • PTA agent registration, initialization, certificate renewal, and auto-update
  • Troubleshooting PTA, sign-in errors, and sign-in activity report
  • Unsupported and supported PTA scenarios
  • Demonstration of PTA
  • Seamless single sign-on (SSSO)
  • Comparing with Azure AD Hybrid Join
  • SSSO features and implementation SSSO
  • Web browser and native client SSSO
  • Rolling over the Kerberos key
  • SSSO troubleshooting, checklist, known issues and browser support
  • Demonstration of SSSO
  • Device management in Azure AD and Azure AD Connect device options
  • Additional advantages of device hybrid join
  • Hybrid join supported devices, implementation overview, implementation pre-requisites, configuring the service connection point (SCP)
  • DsRegCmd
  • Azure AD Connect device writeback
  • Demonstration of Azure AD hybrid join
  • Azure AD Connect password write-back implementation and management
  • How password write-back works
  • Demonstration of password write-back
  • Federation overview, edge cases, AD FS authentication process, AD FS installation recommendations, converting Azure AD from federated authentication, Azure AD staged conversion from federated

Course #7: Additional (but essential) topics (177 minutes) Watch free taster video!

Six videos: Maintaining Azure AD Connect (13 minutes) | Logs and monitoring (44 minutes) | Accidental deletion (29 minutes) watch whole video for free! | Resilience and performance (60 minutes) | Regions and instances (7 minutes) | Advanced scenarios (24 minutes)

  • Azure AD Connect automatic upgrade and manual upgrade
  • Azure AD Connect wizard maintenance mode
  • Operation and password hash logs
  • Run profile options
  • Azure AD Connect Health
  • Event log monitoring
  • Demonstration: debug tracing; exporting connector data
  • AD and Azure AD recycle bins
  • Managing deleted Azure AD users
  • Deletion protection
  • Demonstration including deletion protection
  • Resilience and performance
  • Importing, exporting and documenting sync rules
  • Staging mode
  • SQL Server resilience
  • Disaster recovery
  • Demonstration of managing sync rules, and disaster recovery
  • Regions, geos and instances
  • Preferred data location attribute
  • Takeover of an existing tenant, hard match and soft match
  • Synchronizing UPN changes
  • UPN and ProxyAddress uniqueness
  • Additional scenarios: Hybrid Exchange, multiple tenant, multiple Azure AD Connect sync engines, adding additional Connectors


This series is aimed at architects and administrators responsible for connecting their on-premises Active Directory with an Azure Active Directory tenant who want to:

  • Understand what Azure AD Connect can do beyond its ‘out-of-the-box’ form and investigate its many additional capabilities
  • Learn how to configure and maintain it, and which configurations are supported

Therefore familiarity with AD and basic concepts of authentication will be advantageous – the same goes for Exchange (unless you will never use it).